From bda9f8257e765ac21b9e65b3bf0d3f090aa7b6e1 Mon Sep 17 00:00:00 2001 From: "dotnet-maestro[bot]" Date: Fri, 21 Nov 2025 02:03:48 +0000 Subject: [PATCH] Update dependencies from https://github.com/dotnet/dotnet build 291616 Updated Dependencies: Microsoft.NET.Runtime.WebAssembly.Sdk, Microsoft.NETCore.BrowserDebugHost.Transport, Microsoft.NET.Runtime.MonoAOTCompiler.Task, Microsoft.Bcl.AsyncInterfaces, Microsoft.Bcl.TimeProvider, Microsoft.Extensions.Caching.Abstractions, Microsoft.Extensions.Caching.Memory, Microsoft.Extensions.Configuration, Microsoft.Extensions.Configuration.Abstractions, Microsoft.Extensions.Configuration.Binder, Microsoft.Extensions.Configuration.CommandLine, Microsoft.Extensions.Configuration.EnvironmentVariables, Microsoft.Extensions.Configuration.FileExtensions, Microsoft.Extensions.Configuration.Ini, Microsoft.Extensions.Configuration.Json, Microsoft.Extensions.Configuration.UserSecrets, Microsoft.Extensions.Configuration.Xml, Microsoft.Extensions.DependencyInjection, Microsoft.Extensions.DependencyInjection.Abstractions, Microsoft.Extensions.DependencyModel, Microsoft.Extensions.Diagnostics, Microsoft.Extensions.Diagnostics.Abstractions, Microsoft.Extensions.FileProviders.Abstractions, Microsoft.Extensions.FileProviders.Composite, Microsoft.Extensions.FileProviders.Physical, Microsoft.Extensions.FileSystemGlobbing, Microsoft.Extensions.HostFactoryResolver.Sources, Microsoft.Extensions.Hosting, Microsoft.Extensions.Hosting.Abstractions, Microsoft.Extensions.Http, Microsoft.Extensions.Logging, Microsoft.Extensions.Logging.Abstractions, Microsoft.Extensions.Logging.Configuration, Microsoft.Extensions.Logging.Console, Microsoft.Extensions.Logging.Debug, Microsoft.Extensions.Logging.EventLog, Microsoft.Extensions.Logging.EventSource, Microsoft.Extensions.Logging.TraceSource, Microsoft.Extensions.Options, Microsoft.Extensions.Options.ConfigurationExtensions, Microsoft.Extensions.Options.DataAnnotations, Microsoft.Extensions.Primitives, Microsoft.Internal.Runtime.AspNetCore.Transport, Microsoft.NETCore.App.Ref, Microsoft.NETCore.Platforms, System.Collections.Immutable, System.Composition, System.Configuration.ConfigurationManager, System.Diagnostics.DiagnosticSource, System.Diagnostics.EventLog, System.Diagnostics.PerformanceCounter, System.DirectoryServices.Protocols, System.Formats.Asn1, System.Formats.Cbor, System.IO.Hashing, System.IO.Pipelines, System.Memory.Data, System.Net.Http.Json, System.Net.Http.WinHttpHandler, System.Net.ServerSentEvents, System.Numerics.Tensors, System.Reflection.Metadata, System.Resources.Extensions, System.Runtime.Caching, System.Security.Cryptography.Pkcs, System.Security.Cryptography.Xml, System.Security.Permissions, System.ServiceProcess.ServiceController, System.Text.Encodings.Web, System.Text.Json, System.Threading.AccessControl, System.Threading.Channels, System.Threading.RateLimiting (Version 10.0.0-rc.3.25569.110 -> 10.0.0-rc.3.25570.101) dotnet-ef, Microsoft.EntityFrameworkCore, Microsoft.EntityFrameworkCore.Design, Microsoft.EntityFrameworkCore.InMemory, Microsoft.EntityFrameworkCore.Relational, Microsoft.EntityFrameworkCore.Sqlite, Microsoft.EntityFrameworkCore.SqlServer, Microsoft.EntityFrameworkCore.Tools (Version 10.0.1-servicing.25569.110 -> 10.0.1-servicing.25570.101) Microsoft.DotNet.Arcade.Sdk, Microsoft.DotNet.Build.Tasks.Archives, Microsoft.DotNet.Build.Tasks.Installers, Microsoft.DotNet.Build.Tasks.Templating, Microsoft.DotNet.Helix.Sdk, Microsoft.DotNet.RemoteExecutor, Microsoft.DotNet.SharedFramework.Sdk (Version 11.0.0-beta.25569.110 -> 11.0.0-beta.25570.101) Microsoft.Web.Xdt (Version 3.3.0-preview.25569.110 -> 3.3.0-preview.25570.101) NuGet.Frameworks, NuGet.Packaging, NuGet.Versioning (Version 7.0.0-preview.1.7010 -> 7.0.0-preview.1.7101) --- eng/Version.Details.props | 184 ++++----- eng/Version.Details.xml | 370 +++++++++--------- eng/common/core-templates/job/job.yml | 4 + .../job/publish-build-assets.yml | 7 +- .../core-templates/job/source-build.yml | 2 +- .../core-templates/post-build/post-build.yml | 3 +- .../steps/component-governance.yml | 16 + .../core-templates/steps/generate-sbom.yml | 60 ++- .../core-templates/steps/source-build.yml | 2 +- eng/common/generate-sbom-prep.ps1 | 29 ++ eng/common/generate-sbom-prep.sh | 39 ++ eng/common/template-guidance.md | 2 + eng/common/templates-official/job/job.yml | 30 +- .../steps/component-governance.yml | 7 + .../steps/publish-pipeline-artifacts.yml | 2 - eng/common/templates/job/job.yml | 31 +- .../templates/steps/component-governance.yml | 7 + global.json | 6 +- 18 files changed, 484 insertions(+), 317 deletions(-) create mode 100644 eng/common/core-templates/steps/component-governance.yml create mode 100644 eng/common/generate-sbom-prep.ps1 create mode 100644 eng/common/generate-sbom-prep.sh create mode 100644 eng/common/templates-official/steps/component-governance.yml create mode 100644 eng/common/templates/steps/component-governance.yml diff --git a/eng/Version.Details.props b/eng/Version.Details.props index 39299b919039..dec497d5ed1a 100644 --- a/eng/Version.Details.props +++ b/eng/Version.Details.props @@ -6,98 +6,98 @@ This file should be imported by eng/Versions.props - 10.0.1-servicing.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 11.0.0-beta.25569.110 - 11.0.0-beta.25569.110 - 11.0.0-beta.25569.110 - 11.0.0-beta.25569.110 - 11.0.0-beta.25569.110 - 11.0.0-beta.25569.110 - 11.0.0-beta.25569.110 - 10.0.1-servicing.25569.110 - 10.0.1-servicing.25569.110 - 10.0.1-servicing.25569.110 - 10.0.1-servicing.25569.110 - 10.0.1-servicing.25569.110 - 10.0.1-servicing.25569.110 - 10.0.1-servicing.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 3.3.0-preview.25569.110 - 7.0.0-preview.1.7010 - 7.0.0-preview.1.7010 - 7.0.0-preview.1.7010 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 - 10.0.0-rc.3.25569.110 + 10.0.1-servicing.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 11.0.0-beta.25570.101 + 11.0.0-beta.25570.101 + 11.0.0-beta.25570.101 + 11.0.0-beta.25570.101 + 11.0.0-beta.25570.101 + 11.0.0-beta.25570.101 + 11.0.0-beta.25570.101 + 10.0.1-servicing.25570.101 + 10.0.1-servicing.25570.101 + 10.0.1-servicing.25570.101 + 10.0.1-servicing.25570.101 + 10.0.1-servicing.25570.101 + 10.0.1-servicing.25570.101 + 10.0.1-servicing.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 3.3.0-preview.25570.101 + 7.0.0-preview.1.7101 + 7.0.0-preview.1.7101 + 7.0.0-preview.1.7101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 + 10.0.0-rc.3.25570.101 4.13.0-3.24613.7 4.13.0-3.24613.7 diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml index c0b3c853eeb6..5469560c9ae9 100644 --- a/eng/Version.Details.xml +++ b/eng/Version.Details.xml @@ -8,333 +8,333 @@ See https://github.com/dotnet/arcade/blob/master/Documentation/Darc.md for instructions on using darc. --> - + - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a @@ -358,37 +358,37 @@ - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a https://github.com/dotnet/extensions @@ -440,17 +440,17 @@ https://github.com/dotnet/msbuild d1cce8d7cc03c23a4f1bad8e9240714fd9d199a3 - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a - + https://github.com/dotnet/dotnet - ea77dd1498eeaae360c4309d07ccd68c8936fe48 + e9a2ab63ad60de1afff34ddc3f09257093ea034a diff --git a/eng/common/core-templates/job/job.yml b/eng/common/core-templates/job/job.yml index 3921b407bc97..cb4ccc023a33 100644 --- a/eng/common/core-templates/job/job.yml +++ b/eng/common/core-templates/job/job.yml @@ -31,6 +31,7 @@ parameters: testRunTitle: '' testResultsFormat: '' name: '' + componentGovernanceSteps: [] preSteps: [] artifactPublishSteps: [] runAsPublic: false @@ -149,6 +150,9 @@ jobs: - ${{ each step in parameters.steps }}: - ${{ step }} + - ${{ each step in parameters.componentGovernanceSteps }}: + - ${{ step }} + - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest')) }}: - template: /eng/common/core-templates/steps/cleanup-microbuild.yml parameters: diff --git a/eng/common/core-templates/job/publish-build-assets.yml b/eng/common/core-templates/job/publish-build-assets.yml index a23657cd7169..8b5c635fe807 100644 --- a/eng/common/core-templates/job/publish-build-assets.yml +++ b/eng/common/core-templates/job/publish-build-assets.yml @@ -122,8 +122,9 @@ jobs: # Populate internal runtime variables. - template: /eng/common/templates/steps/enable-internal-sources.yml - parameters: - legacyCredential: $(dn-bot-dnceng-artifact-feeds-rw) + ${{ if eq(variables['System.TeamProject'], 'DevDiv') }}: + parameters: + legacyCredential: $(dn-bot-dnceng-artifact-feeds-rw) - template: /eng/common/templates/steps/enable-internal-runtimes.yml @@ -172,7 +173,7 @@ jobs: artifactName: AssetManifests displayName: 'Publish Merged Manifest' retryCountOnTaskFailure: 10 # for any logs being locked - isProduction: false + sbomEnabled: false # we don't need SBOM for logs - template: /eng/common/core-templates/steps/publish-build-artifacts.yml parameters: diff --git a/eng/common/core-templates/job/source-build.yml b/eng/common/core-templates/job/source-build.yml index d805d5faeb94..9f6b3ee9e463 100644 --- a/eng/common/core-templates/job/source-build.yml +++ b/eng/common/core-templates/job/source-build.yml @@ -60,7 +60,7 @@ jobs: pool: ${{ if eq(variables['System.TeamProject'], 'public') }}: name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore-Svc-Public' ), False, 'NetCore-Public')] - demands: ImageOverride -equals build.ubuntu.2004.amd64 + demands: ImageOverride -equals build.ubuntu.2204.amd64 ${{ if eq(variables['System.TeamProject'], 'internal') }}: name: $[replace(replace(eq(contains(coalesce(variables['System.PullRequest.TargetBranch'], variables['Build.SourceBranch'], 'refs/heads/main'), 'release'), 'true'), True, 'NetCore1ESPool-Svc-Internal'), False, 'NetCore1ESPool-Internal')] image: 1es-mariner-2 diff --git a/eng/common/core-templates/post-build/post-build.yml b/eng/common/core-templates/post-build/post-build.yml index 27763a825b9e..6f0929c039b5 100644 --- a/eng/common/core-templates/post-build/post-build.yml +++ b/eng/common/core-templates/post-build/post-build.yml @@ -305,8 +305,9 @@ stages: PromoteToChannelIds: ${{ parameters.PromoteToChannelIds }} is1ESPipeline: ${{ parameters.is1ESPipeline }} - - task: NuGetAuthenticate@1 # Populate internal runtime variables. + - task: NuGetAuthenticate@1 + # Populate internal runtime variables. - template: /eng/common/templates/steps/enable-internal-sources.yml parameters: legacyCredential: $(dn-bot-dnceng-artifact-feeds-rw) diff --git a/eng/common/core-templates/steps/component-governance.yml b/eng/common/core-templates/steps/component-governance.yml new file mode 100644 index 000000000000..cf0649aa9565 --- /dev/null +++ b/eng/common/core-templates/steps/component-governance.yml @@ -0,0 +1,16 @@ +parameters: + disableComponentGovernance: false + componentGovernanceIgnoreDirectories: '' + is1ESPipeline: false + displayName: 'Component Detection' + +steps: +- ${{ if eq(parameters.disableComponentGovernance, 'true') }}: + - script: echo "##vso[task.setvariable variable=skipComponentGovernanceDetection]true" + displayName: Set skipComponentGovernanceDetection variable +- ${{ if ne(parameters.disableComponentGovernance, 'true') }}: + - task: ComponentGovernanceComponentDetection@0 + continueOnError: true + displayName: ${{ parameters.displayName }} + inputs: + ignoreDirectories: ${{ parameters.componentGovernanceIgnoreDirectories }} diff --git a/eng/common/core-templates/steps/generate-sbom.yml b/eng/common/core-templates/steps/generate-sbom.yml index aad0a8aeda33..003f7eae0fa5 100644 --- a/eng/common/core-templates/steps/generate-sbom.yml +++ b/eng/common/core-templates/steps/generate-sbom.yml @@ -1,14 +1,54 @@ +# BuildDropPath - The root folder of the drop directory for which the manifest file will be generated. +# PackageName - The name of the package this SBOM represents. +# PackageVersion - The version of the package this SBOM represents. +# ManifestDirPath - The path of the directory where the generated manifest files will be placed +# IgnoreDirectories - Directories to ignore for SBOM generation. This will be passed through to the CG component detector. + parameters: - PackageVersion: unused - BuildDropPath: unused - PackageName: unused - ManifestDirPath: unused - IgnoreDirectories: unused - sbomContinueOnError: unused - is1ESPipeline: unused - publishArtifacts: unused + PackageVersion: 11.0.0 + BuildDropPath: '$(System.DefaultWorkingDirectory)/artifacts' + PackageName: '.NET' + ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom + IgnoreDirectories: '' + sbomContinueOnError: true + is1ESPipeline: false + # disable publishArtifacts if some other step is publishing the artifacts (like job.yml). + publishArtifacts: true steps: +- task: PowerShell@2 + displayName: Prep for SBOM generation in (Non-linux) + condition: or(eq(variables['Agent.Os'], 'Windows_NT'), eq(variables['Agent.Os'], 'Darwin')) + inputs: + filePath: ./eng/common/generate-sbom-prep.ps1 + arguments: ${{parameters.manifestDirPath}} + +# Chmodding is a workaround for https://github.com/dotnet/arcade/issues/8461 - script: | - echo "##vso[task.logissue type=warning]Including generate-sbom.yml is deprecated, SBOM generation is handled 1ES PT now. Remove this include." - displayName: Issue generate-sbom.yml deprecation warning + chmod +x ./eng/common/generate-sbom-prep.sh + ./eng/common/generate-sbom-prep.sh ${{parameters.manifestDirPath}} + displayName: Prep for SBOM generation in (Linux) + condition: eq(variables['Agent.Os'], 'Linux') + continueOnError: ${{ parameters.sbomContinueOnError }} + +- task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 + displayName: 'Generate SBOM manifest' + continueOnError: ${{ parameters.sbomContinueOnError }} + inputs: + PackageName: ${{ parameters.packageName }} + BuildDropPath: ${{ parameters.buildDropPath }} + PackageVersion: ${{ parameters.packageVersion }} + ManifestDirPath: ${{ parameters.manifestDirPath }}/$(ARTIFACT_NAME) + ${{ if ne(parameters.IgnoreDirectories, '') }}: + AdditionalComponentDetectorArgs: '--IgnoreDirectories ${{ parameters.IgnoreDirectories }}' + +- ${{ if eq(parameters.publishArtifacts, 'true')}}: + - template: /eng/common/core-templates/steps/publish-pipeline-artifacts.yml + parameters: + is1ESPipeline: ${{ parameters.is1ESPipeline }} + args: + displayName: Publish SBOM manifest + continueOnError: ${{parameters.sbomContinueOnError}} + targetPath: '${{ parameters.manifestDirPath }}' + artifactName: $(ARTIFACT_NAME) + diff --git a/eng/common/core-templates/steps/source-build.yml b/eng/common/core-templates/steps/source-build.yml index 40b6c4c320f0..acf16ed34963 100644 --- a/eng/common/core-templates/steps/source-build.yml +++ b/eng/common/core-templates/steps/source-build.yml @@ -62,4 +62,4 @@ steps: artifactName: BuildLogs_SourceBuild_${{ parameters.platform.name }}_Attempt$(System.JobAttempt) continueOnError: true condition: succeededOrFailed() - isProduction: false + sbomEnabled: false # we don't need SBOM for logs diff --git a/eng/common/generate-sbom-prep.ps1 b/eng/common/generate-sbom-prep.ps1 new file mode 100644 index 000000000000..a0c7d792a76f --- /dev/null +++ b/eng/common/generate-sbom-prep.ps1 @@ -0,0 +1,29 @@ +Param( + [Parameter(Mandatory=$true)][string] $ManifestDirPath # Manifest directory where sbom will be placed +) + +. $PSScriptRoot\pipeline-logging-functions.ps1 + +# Normally - we'd listen to the manifest path given, but 1ES templates will overwrite if this level gets uploaded directly +# with their own overwriting ours. So we create it as a sub directory of the requested manifest path. +$ArtifactName = "${env:SYSTEM_STAGENAME}_${env:AGENT_JOBNAME}_SBOM" +$SafeArtifactName = $ArtifactName -replace '["/:<>\\|?@*"() ]', '_' +$SbomGenerationDir = Join-Path $ManifestDirPath $SafeArtifactName + +Write-Host "Artifact name before : $ArtifactName" +Write-Host "Artifact name after : $SafeArtifactName" + +Write-Host "Creating dir $ManifestDirPath" + +# create directory for sbom manifest to be placed +if (!(Test-Path -path $SbomGenerationDir)) +{ + New-Item -ItemType Directory -path $SbomGenerationDir + Write-Host "Successfully created directory $SbomGenerationDir" +} +else{ + Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder." +} + +Write-Host "Updating artifact name" +Write-Host "##vso[task.setvariable variable=ARTIFACT_NAME]$SafeArtifactName" diff --git a/eng/common/generate-sbom-prep.sh b/eng/common/generate-sbom-prep.sh new file mode 100644 index 000000000000..b8ecca72bbf5 --- /dev/null +++ b/eng/common/generate-sbom-prep.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +source="${BASH_SOURCE[0]}" + +# resolve $SOURCE until the file is no longer a symlink +while [[ -h $source ]]; do + scriptroot="$( cd -P "$( dirname "$source" )" && pwd )" + source="$(readlink "$source")" + + # if $source was a relative symlink, we need to resolve it relative to the path where the + # symlink file was located + [[ $source != /* ]] && source="$scriptroot/$source" +done +scriptroot="$( cd -P "$( dirname "$source" )" && pwd )" +. $scriptroot/pipeline-logging-functions.sh + + +# replace all special characters with _, some builds use special characters like : in Agent.Jobname, that is not a permissible name while uploading artifacts. +artifact_name=$SYSTEM_STAGENAME"_"$AGENT_JOBNAME"_SBOM" +safe_artifact_name="${artifact_name//["/:<>\\|?@*$" ]/_}" +manifest_dir=$1 + +# Normally - we'd listen to the manifest path given, but 1ES templates will overwrite if this level gets uploaded directly +# with their own overwriting ours. So we create it as a sub directory of the requested manifest path. +sbom_generation_dir="$manifest_dir/$safe_artifact_name" + +if [ ! -d "$sbom_generation_dir" ] ; then + mkdir -p "$sbom_generation_dir" + echo "Sbom directory created." $sbom_generation_dir +else + Write-PipelineTelemetryError -category 'Build' "Unable to create sbom folder." +fi + +echo "Artifact name before : "$artifact_name +echo "Artifact name after : "$safe_artifact_name +export ARTIFACT_NAME=$safe_artifact_name +echo "##vso[task.setvariable variable=ARTIFACT_NAME]$safe_artifact_name" + +exit 0 diff --git a/eng/common/template-guidance.md b/eng/common/template-guidance.md index e2b07a865f10..4bf4cf41bd7c 100644 --- a/eng/common/template-guidance.md +++ b/eng/common/template-guidance.md @@ -82,6 +82,7 @@ eng\common\ publish-build-artifacts.yml (logic) publish-pipeline-artifacts.yml (logic) component-governance.yml (shim) + generate-sbom.yml (shim) publish-logs.yml (shim) retain-build.yml (shim) send-to-helix.yml (shim) @@ -106,6 +107,7 @@ eng\common\ setup-maestro-vars.yml (logic) steps\ component-governance.yml (logic) + generate-sbom.yml (logic) publish-build-artifacts.yml (redirect) publish-logs.yml (logic) publish-pipeline-artifacts.yml (redirect) diff --git a/eng/common/templates-official/job/job.yml b/eng/common/templates-official/job/job.yml index fed3caaea702..92a0664f5647 100644 --- a/eng/common/templates-official/job/job.yml +++ b/eng/common/templates-official/job/job.yml @@ -1,15 +1,24 @@ parameters: +# Sbom related params + enableSbom: true runAsPublic: false -# Sbom related params, unused now and can eventually be removed - enableSbom: unused - PackageVersion: unused - BuildDropPath: unused + PackageVersion: 9.0.0 + BuildDropPath: '$(System.DefaultWorkingDirectory)/artifacts' jobs: - template: /eng/common/core-templates/job/job.yml parameters: is1ESPipeline: true + componentGovernanceSteps: + - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), eq(parameters.enableSbom, 'true')) }}: + - template: /eng/common/templates/steps/generate-sbom.yml + parameters: + PackageVersion: ${{ parameters.packageVersion }} + BuildDropPath: ${{ parameters.buildDropPath }} + ManifestDirPath: $(Build.ArtifactStagingDirectory)/sbom + publishArtifacts: false + # publish artifacts # for 1ES managed templates, use the templateContext.output to handle multiple outputs. templateContext: @@ -32,7 +41,7 @@ jobs: continueOnError: true condition: always() retryCountOnTaskFailure: 10 # for any logs being locked - isProduction: false + sbomEnabled: false # we don't need SBOM for logs - ${{ if eq(parameters.enablePublishBuildArtifacts, true) }}: - output: buildArtifacts @@ -42,7 +51,7 @@ jobs: ArtifactName: ${{ coalesce(parameters.enablePublishBuildArtifacts.artifactName, '$(Agent.Os)_$(Agent.JobName)_Attempt$(System.JobAttempt)' ) }} continueOnError: true condition: always() - #isProduction: false + sbomEnabled: false # we don't need SBOM for logs - ${{ if eq(parameters.enableBuildRetry, 'true') }}: - output: pipelineArtifact @@ -50,7 +59,14 @@ jobs: artifactName: 'BuildConfiguration' displayName: 'Publish build retry configuration' continueOnError: true - isProduction: false + sbomEnabled: false # we don't need SBOM for BuildConfiguration + + - ${{ if and(eq(parameters.runAsPublic, 'false'), ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), eq(parameters.enableSbom, 'true')) }}: + - output: pipelineArtifact + displayName: Publish SBOM manifest + continueOnError: true + targetPath: $(Build.ArtifactStagingDirectory)/sbom + artifactName: $(ARTIFACT_NAME) # add any outputs provided via root yaml - ${{ if ne(parameters.templateContext.outputs, '') }}: diff --git a/eng/common/templates-official/steps/component-governance.yml b/eng/common/templates-official/steps/component-governance.yml new file mode 100644 index 000000000000..30bb3985ca2b --- /dev/null +++ b/eng/common/templates-official/steps/component-governance.yml @@ -0,0 +1,7 @@ +steps: +- template: /eng/common/core-templates/steps/component-governance.yml + parameters: + is1ESPipeline: true + + ${{ each parameter in parameters }}: + ${{ parameter.key }}: ${{ parameter.value }} diff --git a/eng/common/templates-official/steps/publish-pipeline-artifacts.yml b/eng/common/templates-official/steps/publish-pipeline-artifacts.yml index 6a652ae1cfe5..172f9f0fdc97 100644 --- a/eng/common/templates-official/steps/publish-pipeline-artifacts.yml +++ b/eng/common/templates-official/steps/publish-pipeline-artifacts.yml @@ -26,5 +26,3 @@ steps: properties: ${{ parameters.args.properties }} ${{ if parameters.args.sbomEnabled }}: sbomEnabled: ${{ parameters.args.sbomEnabled }} - ${{ if parameters.args.isProduction }}: - isProduction: ${{ parameters.args.isProduction }} diff --git a/eng/common/templates/job/job.yml b/eng/common/templates/job/job.yml index d1b2352798f6..238fa0818f7b 100644 --- a/eng/common/templates/job/job.yml +++ b/eng/common/templates/job/job.yml @@ -1,12 +1,12 @@ parameters: enablePublishBuildArtifacts: false + disableComponentGovernance: '' + componentGovernanceIgnoreDirectories: '' +# Sbom related params + enableSbom: true runAsPublic: false -# CG related params, unused now and can eventually be removed - disableComponentGovernance: unused -# Sbom related params, unused now and can eventually be removed - enableSbom: unused - PackageVersion: unused - BuildDropPath: unused + PackageVersion: 9.0.0 + BuildDropPath: '$(System.DefaultWorkingDirectory)/artifacts' jobs: - template: /eng/common/core-templates/job/job.yml @@ -21,10 +21,17 @@ jobs: - ${{ each step in parameters.steps }}: - ${{ step }} - # we don't run CG in public - - ${{ if eq(variables['System.TeamProject'], 'public') }}: - - script: echo "##vso[task.setvariable variable=skipComponentGovernanceDetection]true" - displayName: Set skipComponentGovernanceDetection variable + componentGovernanceSteps: + - template: /eng/common/templates/steps/component-governance.yml + parameters: + ${{ if eq(parameters.disableComponentGovernance, '') }}: + ${{ if and(ne(variables['System.TeamProject'], 'public'), notin(variables['Build.Reason'], 'PullRequest'), eq(parameters.runAsPublic, 'false'), or(startsWith(variables['Build.SourceBranch'], 'refs/heads/release/'), startsWith(variables['Build.SourceBranch'], 'refs/heads/dotnet/'), startsWith(variables['Build.SourceBranch'], 'refs/heads/microsoft/'), eq(variables['Build.SourceBranch'], 'refs/heads/main'))) }}: + disableComponentGovernance: false + ${{ else }}: + disableComponentGovernance: true + ${{ else }}: + disableComponentGovernance: ${{ parameters.disableComponentGovernance }} + componentGovernanceIgnoreDirectories: ${{ parameters.componentGovernanceIgnoreDirectories }} artifactPublishSteps: - ${{ if ne(parameters.artifacts.publish, '') }}: @@ -51,7 +58,7 @@ jobs: continueOnError: true condition: always() retryCountOnTaskFailure: 10 # for any logs being locked - isProduction: false + sbomEnabled: false # we don't need SBOM for logs - ${{ if ne(parameters.enablePublishBuildArtifacts, 'false') }}: - template: /eng/common/core-templates/steps/publish-build-artifacts.yml @@ -74,4 +81,4 @@ jobs: artifactName: 'BuildConfiguration' displayName: 'Publish build retry configuration' continueOnError: true - isProduction: false + sbomEnabled: false # we don't need SBOM for BuildConfiguration diff --git a/eng/common/templates/steps/component-governance.yml b/eng/common/templates/steps/component-governance.yml new file mode 100644 index 000000000000..c12a5f8d21d7 --- /dev/null +++ b/eng/common/templates/steps/component-governance.yml @@ -0,0 +1,7 @@ +steps: +- template: /eng/common/core-templates/steps/component-governance.yml + parameters: + is1ESPipeline: false + + ${{ each parameter in parameters }}: + ${{ parameter.key }}: ${{ parameter.value }} diff --git a/global.json b/global.json index 4df39f68a65e..43310f769bc8 100644 --- a/global.json +++ b/global.json @@ -32,9 +32,9 @@ "jdk": "latest" }, "msbuild-sdks": { - "Microsoft.DotNet.Arcade.Sdk": "11.0.0-beta.25569.110", - "Microsoft.DotNet.Helix.Sdk": "11.0.0-beta.25569.110", - "Microsoft.DotNet.SharedFramework.Sdk": "11.0.0-beta.25569.110", + "Microsoft.DotNet.Arcade.Sdk": "11.0.0-beta.25570.101", + "Microsoft.DotNet.Helix.Sdk": "11.0.0-beta.25570.101", + "Microsoft.DotNet.SharedFramework.Sdk": "11.0.0-beta.25570.101", "Microsoft.Build.NoTargets": "3.7.0", "Microsoft.Build.Traversal": "3.4.0", "Microsoft.WixToolset.Sdk": "5.0.2-dotnet.2811440"